1 | <?php |
||
2 | /** |
||
3 | * Extended User Profile |
||
4 | * |
||
5 | * You may not change or alter any portion of this comment or credits |
||
6 | * of supporting developers from this source code or any supporting source code |
||
7 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
8 | * This program is distributed in the hope that it will be useful, |
||
9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
11 | * |
||
12 | * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) |
||
13 | * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html) |
||
14 | * @package profile |
||
15 | * @since 2.3.0 |
||
16 | * @author Jan Pedersen |
||
17 | * @author Taiwen Jiang <[email protected]> |
||
18 | */ |
||
19 | |||
20 | use XoopsModules\Suico\IndexController; |
||
21 | use Xmf\Request; |
||
22 | |||
23 | $GLOBALS['xoopsOption']['template_main'] = 'suico_changepass.tpl'; |
||
24 | require __DIR__ . '/header.php'; |
||
25 | /** |
||
26 | * Fetching numbers of groups friends videos pictures etc... |
||
27 | */ |
||
28 | $controller = new IndexController($xoopsDB, $xoopsUser, $xoopsModule); |
||
29 | $nbSections = $controller->getNumbersSections(); |
||
30 | if (!$GLOBALS['xoopsUser']) { |
||
31 | redirect_header(XOOPS_URL, 2, _NOPERM); |
||
32 | } |
||
33 | $xoopsOption['xoops_pagetitle'] = sprintf(_MD_SUICO_CHANGEPASSWORD, $xoopsModule->getVar('name'), $controller->nameOwner); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
34 | if (!isset($_POST['submit'])) { |
||
35 | //show change password form |
||
36 | include_once $GLOBALS['xoops']->path('class/xoopsformloader.php'); |
||
37 | $form = new XoopsThemeForm(_MD_SUICO_CHANGEPASSWORD, 'form', $_SERVER['REQUEST_URI'], 'post', true); |
||
38 | $form->addElement(new XoopsFormPassword(_MD_SUICO_OLDPASSWORD, 'oldpass', 15, 50), true); |
||
39 | $form->addElement(new XoopsFormPassword(_MD_SUICO_NEWPASSWORD, 'newpass', 15, 50), true); |
||
40 | $form->addElement(new XoopsFormPassword(_US_VERIFYPASS, 'vpass', 15, 50), true); |
||
41 | $form->addElement(new XoopsFormButton('', 'submit', _SUBMIT, 'submit')); |
||
42 | $form->assign($GLOBALS['xoopsTpl']); |
||
43 | $xoBreadcrumbs[] = ['title' => _MD_SUICO_CHANGEPASSWORD]; |
||
44 | } else { |
||
45 | /* @var XoopsConfigHandler $configHandler */ |
||
46 | $configHandler = xoops_getHandler('config'); |
||
47 | $GLOBALS['xoopsConfigUser'] = $configHandler->getConfigsByCat(XOOPS_CONF_USER); |
||
48 | $myts = MyTextSanitizer::getInstance(); |
||
49 | $oldpass = Request::getString('oldpass', '', 'POST'); |
||
50 | $password = Request::getString('newpass', '', 'POST'); |
||
51 | $vpass = Request::getString('vpass', '', 'POST'); |
||
52 | $errors = []; |
||
53 | if (!password_verify($oldpass, $GLOBALS['xoopsUser']->getVar('pass', 'n'))) { |
||
54 | $errors[] = _MD_SUICO_WRONGPASSWORD; |
||
55 | } |
||
56 | if (mb_strlen($password) < $GLOBALS['xoopsConfigUser']['minpass']) { |
||
57 | $errors[] = sprintf(_US_PWDTOOSHORT, $GLOBALS['xoopsConfigUser']['minpass']); |
||
58 | } |
||
59 | if ($password != $vpass) { |
||
60 | $errors[] = _US_PASSNOTSAME; |
||
61 | } |
||
62 | if ($errors) { |
||
63 | $msg = implode('<br>', $errors); |
||
64 | } else { |
||
65 | //update password |
||
66 | $GLOBALS['xoopsUser']->setVar('pass', password_hash($password, PASSWORD_DEFAULT)); |
||
67 | /* @var XoopsMemberHandler $memberHandler */ |
||
68 | $memberHandler = xoops_getHandler('member'); |
||
69 | $msg = _MD_SUICO_ERRORDURINGSAVE; |
||
70 | if ($memberHandler->insertUser($GLOBALS['xoopsUser'])) { |
||
71 | $msg = _MD_SUICO_PASSWORDCHANGED; |
||
72 | } |
||
73 | } |
||
74 | redirect_header(XOOPS_URL . '/modules/' . $GLOBALS['xoopsModule']->getVar('dirname', 'n') . '/index.php?uid=' . $GLOBALS['xoopsUser']->getVar('uid'), 2, $msg); |
||
75 | } |
||
76 | require __DIR__ . '/footer.php'; |
||
77 | require dirname(__DIR__, 2) . '/footer.php'; |
||
78 |